Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Constant unresolvable alias alerts

    Scheduled Pinned Locked Moved pfBlockerNG
    9 Posts 2 Posters 6.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lordbob75
      last edited by

      I'm getting the following 2 alerts all the time, and it also emails them to me.  Getting pretty annoying at this point to be honest.  Why is it happening and how can I fix or stop it?

      Unresolvable source alias 'pfB_IPBlocking' for rule 'pfB_IPBlocking auto rule'
      Unresolvable destination alias 'pfB_IPBlocking' for rule 'pfB_IPBlocking auto rule'

      Any help is appreciated, thanks.

      1 Reply Last reply Reply Quote 0
      • RonpfSR
        RonpfS
        last edited by

        What do you see in pfBlockerNG Logs when you run a Force Update or a Force Reload IP ?

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

        1 Reply Last reply Reply Quote 0
        • L
          lordbob75
          last edited by

          Force IP:

           UPDATE PROCESS START [ 12/09/17 09:49:27 ]
          
          ===[  DNSBL Process  ]================================================
          
          [ EasyList_No_Elements ] exists.
          [ EasyList_Privacy ]	 exists.
          [ StevenBlack ]		 exists.
          [ MalwareDomains ]	 exists.
          [ Cameleon ]		 exists.
          [ Zeustracker ]		 exists.
          [ DisconnectMeTracking ] exists.
          [ DisconnectMeAds ]	 exists.
          [ HostsFileNet ]	 exists.
          [ DNSBL_IP ]		 Updating aliastable [ 12/09/17 09:49:28 ]... 
            no changes.
            Total IP count = 55
          
          ===[  Continent Process  ]============================================
          
          ===[  IPv6 Process  ]=================================================
          
          ===[  Aliastables / Rules  ]==========================================
          
          No changes to Firewall rules, skipping Filter Reload
          No Changes to Aliases, Skipping pfctl Update
          
          ===[  Kill States  ]==================================================
          
           No matching states found
          ======================================================================
          
           UPDATE PROCESS ENDED [ 12/09/17 09:49:35 ]
          
          

          Force Reload All:

          UPDATE PROCESS START [ 12/09/17 09:50:55 ]
          
          ===[  DNSBL Process  ]================================================
          
          [ EasyList_No_Elements ] Reload [ 12/09/17 09:50:56 ] . completed ..
            Whitelist: entrecard.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|
            Alexa Whitelist: absoluteclickscom.com|ad-apac.doubleclick.net|ad-emea.doubleclick.net|ad.doubleclick.net|ad.mo.doubleclick.net|adexchangecloud.com|bongacams.com|buzzadnetwork.com|cm.g.doubleclick.net|codeonclick.com|directrev.com|doubleclick.net|doublepimp.com|doublepimpssl.com|exdynsrv.com|exoclick.com|exosrv.com|flirt4free.com|fwbntw.com|gan.doubleclick.net|googleads.g.doubleclick.net|iv.doubleclick.net|iwanttodeliver.com|jsmjmp.com|junbi-tracker.com|liveadexchanger.com|mellowads.com|mysagagame.com|n4403ad.doubleclick.net|neobux.com|partner.video.syndication.msn.com|popads.net|popcash.net|popmyads.com|prpops.com|pubads.g.doubleclick.net|reallifecam.com|smartadtags.com|speakol.com|tradedoubler.com|traffic-media.co|valuecommerce.com|velocecdn.com|wzus1.ask.com|
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            10012    9476       0          2          44         9430                 
            ----------------------------------------------------------------------
            IP count=38
          
          [ EasyList_Privacy ]	 Reload [ 12/09/17 09:51:19 ] . completed ..
            Whitelist: optimizely.com|
            Alexa Whitelist: cnzz.com|doubleclick.net|shareasale.com|tradedoubler.com|
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            3088     3064       28         1          4          3031                 
            ----------------------------------------------------------------------
            IP count=16
          
          [ StevenBlack ]		 Reload [ 12/09/17 09:51:23 ] . completed ..
            Whitelist: 3459571470.log.optimizely.com|adagiobanner.s3.amazonaws.com|admarvel.s3.amazonaws.com|ads.linkedin.com|ads.twitter.com|adtago.s3.amazonaws.com|advert.funimation.com|advice-ads.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|c.msn.com|campaign-tapad.s3.amazonaws.com|cdn.installationsafe.net.s3.amazonaws.com|cdn.optimizely.com|cdn3.optimizely.com|digital-ads.s3.amazonaws.com|ecommstats.s3.amazonaws.com|entrecard.s3.amazonaws.com|exitsplash.s3.amazonaws.com|gx-in-f109.1e100.net|html5adkit.plusmo.s3.amazonaws.com|htmlads.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|inneractive-assets.s3.amazonaws.com|js-agent.newrelic.com|load.s3.amazonaws.com|localhost.localdomain|log.optimizely.com|log3.optimizely.com|mackeeper-land-672695126.us-east-1.elb.amazonaws.com|matchbin-assets.s3.amazonaws.com|mobileanalytics.us-east-1.amazonaws.com|mobileanalytics.us-east-2.amazonaws.com|mobileanalytics.us-west-1.amazonaws.com|mobileanalytics.us-west-2.amazonaws.com|mondoads.s3.amazonaws.com|mu-in-f167.1e100.net|ncads.s3.amazonaws.com|odds.optimizely.com|p.twitter.com|scribe.twitter.com|slate-ad-scripts.s3.amazonaws.com|springclick-ads.s3.amazonaws.com|static-shareaholic.s3.amazonaws.com|strikeadcdn.s3.amazonaws.com|sync.cmedia.s3.amazonaws.com|tracking.opencandy.com.s3.amazonaws.com|viewerstats.docstoc.com.s3.amazonaws.com|vml1.s3.amazonaws.com|yab-adimages.s3.amazonaws.com|yx-in-f108.1e100.net|znaptag-us.s3.amazonaws.com|
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            43001    43001      1305       52         0          41644                
            ----------------------------------------------------------------------
            IP count=1
          
          [ MalwareDomains ]	 Reload [ 12/09/17 09:51:53 ] . completed ..
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            14906    14906      300        0          0          14606                
            ----------------------------------------------------------------------
          
          [ Cameleon ]		 Reload [ 12/09/17 09:52:07 ] . completed ..
            Whitelist: 3459571470.log.optimizely.com|ads.twitter.com|advert.funimation.com|analytics.twitter.com|cdn.optimizely.com|cdn3.optimizely.com|js-agent.newrelic.com|log.optimizely.com|log3.optimizely.com|odds.optimizely.com|
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            20629    20629      12426      10         0          8193                 
            ----------------------------------------------------------------------
          
          [ Zeustracker ]		 Reload [ 12/09/17 09:52:20 ] . completed ..
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            401      401        8          0          0          393                  
            ----------------------------------------------------------------------
          
          [ DisconnectMeTracking ] Reload [ 12/09/17 09:52:24 ] . completed ..
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            34       34         13         0          0          21                   
            ----------------------------------------------------------------------
          
          [ DisconnectMeAds ]	 Reload [ 12/09/17 09:52:27 ] . completed ..
            Whitelist: admarvel.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|entrecard.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|yab-adimages.s3.amazonaws.com|
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            2703     2703       2341       6          0          356                  
            ----------------------------------------------------------------------
          
          [ HostsFileNet ]	 Reload [ 12/09/17 09:52:31 ] . completed ..
            Whitelist: 137852403.log.optimizely.com|196179102.log.optimizely.com|2426010203.log.optimizely.com|2449650414.log.optimizely.com|2570540166.log.optimizely.com|2926210385.log.optimizely.com|3480025.log.optimizely.com|38179760.log.optimizely.com|401591473.log.optimizely.com|554924358.log.optimizely.com|74647825.log.optimizely.com|9785216.log.optimizely.com|a6522.s3-website-us-east-1.amazonaws.com|admarvel.s3.amazonaws.com|ads.linkedin.com|ads_ad_center.s3.amazonaws.com|adstracking.s3-website-us-west-1.amazonaws.com|advice-ads.s3.amazonaws.com|advrts.s3.amazonaws.com|adzerk-www.s3.amazonaws.com|airpushmarketing.s3.amazonaws.com|analytics.twitter.com|analyticsengine.s3.amazonaws.com|api.optimizely.com|arabmistress.s3.amazonaws.com|blamads-assets.s3.amazonaws.com|bo-videos.s3.amazonaws.com|btg.mtvnservices.com|c.microsoft.com|c.msn.com|c1.microsoft.com|cadreon.s3.amazonaws.com|campaign-tapad.s3.amazonaws.com|cd-ladsp-com.s3.amazonaws.com|cdn.optimizely.com|cdn2.optimizely.com|cdn3.optimizely.com|ce2-dev-trk.s3.amazonaws.com|ce2-dev.s3.amazonaws.com|chartaca.com.s3.amazonaws.com|cloudfront-labs.amazonaws.com|collector-cdn.github.com|com.djinnworks.sdm.s3.amazonaws.com|convertglobal.s3.amazonaws.com|dban4-549565586.eu-west-1.elb.amazonaws.com|demandmedia.s3.amazonaws.com|deskwww.s3.amazonaws.com|ec2-54-171-97-32.eu-west-1.compute.amazonaws.com|ec2-54-225-149-4.compute-1.amazonaws.com|ec2-54-235-183-132.compute-1.amazonaws.com|epowernetworktrackerimages.s3.amazonaws.com|evs-hosted-14facd241e1c08.s3.amazonaws.com|forumwarz.s3.amazonaws.com|gateways.s3.amazonaws.com|getbarometer.s3.amazonaws.com|getsidecar.s3.amazonaws.com|gfaf-banners.s3.amazonaws.com|homad-global-configs-eu-fra.schneevonmorgen.com.s3.amazonaws.com|html5adkit.plusmo.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|immassets.s3.amazonaws.com|inneractive-assets.s3.amazonaws.com|inpref.s3-external-3.amazonaws.com|inpref.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|js-agent.newrelic.com|kkastatic.s3.amazonaws.com|kraken-measurements.s3.amazonaws.com|livechat.s3.amazonaws.com|log.optimizely.com|loved-by.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|magnify360-cdn.s3.amazonaws.com|matchbin-assets.s3.amazonaws.com|myadserve.s3-website-us-east-1.amazonaws.com|newbuzz-collection-1925855828.us-east-1.elb.amazonaws.com|news-whistleout.s3.amazonaws.com|nmtracking.netflix.com|nxa-ls.s3.amazonaws.com|optimizely.com|optimizely.s3.amazonaws.com|pivotal.github.com|platform.linkedin.com|research.netflix.com|rich-agent.s3.amazonaws.com|s3-tracking.synthasite.net.s3.amazonaws.com|sana.newsinc.com.s3.amazonaws.com|sdsbucket.s3.amazonaws.com|spyhunter-download.s3.amazonaws.com|strikeadcdn.s3.amazonaws.com|thetradedesk-tags.s3.amazonaws.com|trafficads.s3-website-us-west-1.amazonaws.com|tree-pixel-log.s3.amazonaws.com|twitter-badges.s3.amazonaws.com|us-east-1.profile-api.ads.linkedin.com|vice-ads.s3.amazonaws.com|waiwidgets-1246822334.eu-west-1.elb.amazonaws.com|whistleout.s3.amazonaws.com|yc-ads.s3.amazonaws.com|
            ----------------------------------------------------------------------
            Orig.    Unique     # Dups     # White    # Alexa    Final                
            ----------------------------------------------------------------------
            48524    48521      9091       99         0          39331                
            ----------------------------------------------------------------------
          
          [ DNSBL_IP ]		 Updating aliastable [ 12/09/17 09:53:33 ]... 
            no changes.
            Total IP count = 55
          
          ------------------------------------------
          Assembling database... completed
          Validating database... completed [ 12/09/17 09:54:18 ]
          Reloading Unbound.... completed
          DNSBL update [ 117005 | PASSED  ]... completed [ 12/09/17 09:55:20 ]
          ------------------------------------------
          
          ===[  Continent Process  ]============================================
          
          ===[  IPv6 Process  ]=================================================
          
          ===[  Aliastables / Rules  ]==========================================
          
          No changes to Firewall rules, skipping Filter Reload
          No Changes to Aliases, Skipping pfctl Update
          
          ===[  Kill States  ]==================================================
          
           No matching states found
          ======================================================================
          
          ===[ FINAL Processing ]=====================================
          
             [ Original IP count   ]  [ 0 ]
          
             [ Final IP Count  ]  [ 0 ]
          
          ===[ DNSBL Domain/IP Counts ] ===================================
          
            117060 total
             41644 /var/db/pfblockerng/dnsbl/StevenBlack.txt
             39331 /var/db/pfblockerng/dnsbl/HostsFileNet.txt
             14606 /var/db/pfblockerng/dnsbl/MalwareDomains.txt
              9430 /var/db/pfblockerng/dnsbl/EasyList_No_Elements.txt
              8193 /var/db/pfblockerng/dnsbl/Cameleon.txt
              3031 /var/db/pfblockerng/dnsbl/EasyList_Privacy.txt
               393 /var/db/pfblockerng/dnsbl/Zeustracker.txt
               356 /var/db/pfblockerng/dnsbl/DisconnectMeAds.txt
                38 /var/db/pfblockerng/dnsbl/EasyList_No_Elements.ip
                21 /var/db/pfblockerng/dnsbl/DisconnectMeTracking.txt
                16 /var/db/pfblockerng/dnsbl/EasyList_Privacy.ip
                 1 /var/db/pfblockerng/dnsbl/StevenBlack.ip
          ===============================================================
          
          Database Sanity check [  PASSED  ]
          ------------------------
          Masterfile/Deny folder uniq check
          Deny folder/Masterfile uniq check
          
          Sync check (Pass=No IPs reported)
          ----------
          
          IPv4 alias tables IP count
          -----------------------------
          55
          
          IPv6 alias tables IP count
          -----------------------------
          0
          
          Alias table IP Counts
          -----------------------------
                55 total
                55 /var/db/aliastables/pfB_DNSBLIP.txt
                 0 /var/db/aliastables/pfB_MaliciousIPs.txt
          
          pfSense Table Stats
          -------------------
          table-entries hard limit  2000000
          Table Usage Count         4039
          
           UPDATE PROCESS ENDED [ 12/09/17 09:55:31 ]
          
          1 Reply Last reply Reply Quote 0
          • RonpfSR
            RonpfS
            last edited by

            I don't see any IPBlocking table.
            If you have created FW rules using and inexistant pfB_IPBlocking alias, you will get those messages.
            Either enable the IPBlocking table or remove the FW Rules using it.

            2.4.5-RELEASE-p1 (amd64)
            Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
            Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

            1 Reply Last reply Reply Quote 0
            • L
              lordbob75
              last edited by

              @RonpfS:

              I don't see any IPBlocking table.
              If you have created FW rules using and inexistant pfB_IPBlocking alias, you will get those messages.
              Either enable the IPBlocking table or remove the FW Rules using it.

              Oh… OK so let me make sure I know what you mean.

              I have no lists in PFBlockerNG IPv4 or IPv6.  That's what you mean by the IPBlocking table?
              In firewall alias URLs, I have one entry for pfB_DNSBLIP
              In firewall alias IP, I have 2 entries, one for ms telemetry and one for acme lets encrypt
              In firewall rules, I have an entry for pfB_DNSBLIP and pfB_IPBlocking.

              I believe the firewall rules were created automatically.  I added the MS telemetry list.

              What exactly do I need to do to remove or activate things?

              1 Reply Last reply Reply Quote 0
              • RonpfSR
                RonpfS
                last edited by

                @lordbob75:

                In firewall rules, I have an entry for pfB_DNSBLIP and pfB_IPBlocking.

                You have problem with "pfB_IPBlocking" that might have been created by pfBlockerNG at some point, but now it uses "Unresolvable source/destination alias 'pfB_IPBlocking' ". So remove those rules.

                2.4.5-RELEASE-p1 (amd64)
                Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                1 Reply Last reply Reply Quote 0
                • L
                  lordbob75
                  last edited by

                  @RonpfS:

                  You have problem with "pfB_IPBlocking" that might have been created by pfBlockerNG at some point, but now it uses "Unresolvable source/destination alias 'pfB_IPBlocking' ". So remove those rules.

                  OK, I've deleted that rule on the WAN and LAN interfaces.  It does look like the alerts have stopped.  Thank you so much!

                  I don't believe there will be, but could deleting that cause any problems?

                  1 Reply Last reply Reply Quote 0
                  • RonpfSR
                    RonpfS
                    last edited by

                    @lordbob75:

                    I don't believe there will be, but could deleting that cause any problems?

                    Well I don't know, maybe at some point you did some tests and now it's not needed.
                    Removing them already solved the email problem ;)  ;D

                    2.4.5-RELEASE-p1 (amd64)
                    Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                    Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                    1 Reply Last reply Reply Quote 0
                    • L
                      lordbob75
                      last edited by

                      @RonpfS:

                      @lordbob75:

                      I don't believe there will be, but could deleting that cause any problems?

                      Well I don't know, maybe at some point you did some tests and now it's not needed.
                      Removing them already solved the email problem ;)  ;D

                      Fairly sure I messed with some IP lists at some point, but never noticed the new rule or whatever.  Still don't know a whole lot about networking and firewalls so I don't always recognize things like this.

                      Alerts have definitely gone away at this point, thank you so much for helping me nail that down.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.